package com.stone.framework.auth.config;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import com.stone.framework.auth.shiro.GenericAuthorizingRealm;
import com.stone.framework.core.util.Passwords;

@Configuration
public class ShiroConfig {

    @Bean
    public Realm genericAuthorizingRealm() {
        GenericAuthorizingRealm realm = new GenericAuthorizingRealm();

        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName(Passwords.HASH_ALGORITHM_NAME);
        credentialsMatcher.setHashIterations(Passwords.HASH_ITERATIONS);
        realm.setCredentialsMatcher(credentialsMatcher);

        return realm;
    }

    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(genericAuthorizingRealm());
        return securityManager;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager());
        // Map<String, String> map = new HashMap<>();
        // //登出
        // map.put("/logout", "logout");
        // //对所有用户认证
        // map.put("/**", "authc");
        // //登录
        // shiroFilterFactoryBean.setLoginUrl("/login");
        // //首页
        // shiroFilterFactoryBean.setSuccessUrl("/index");
        // //错误页面，认证不通过跳转
        // shiroFilterFactoryBean.setUnauthorizedUrl("/error");
        // shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        return shiroFilterFactoryBean;
    }

}
